1. Field of the Invention
The present invention generally relates to digital signature generation and validation. Specifically, the present invention relates to a method, system, program product, and method for deploying an application for generating and/or validating digital signatures.
2. Related Art
Many electronic documents involve the use of more than one digital signature. Although the simplest use cases are well known, such as the ubiquitous office-use-only section or the applicant/co-applicant loan application, some forms can involve many overlapping signatures affixed after each signatory performs additional work on the form. For example, an application for the Office of the Secretary of Defense for approving military SOP changes involves as many as 50 signatures, where each signer would add additional annotations related to the SOP change. To allow for additional work to be performed on a form after a signature has been affixed, the notion of an Extensible Markup Language (XML) digital signature filter was defined. The filter typically expresses what part of the document to exclude from the signature. Everything not explicitly mentioned by the exclusion filter is covered by the signature, so the filter becomes a description of what additional work is allowed to be performed on the form without invalidating the signature. The signature filter is associated with the signature, and it is signed by the signature. This allows each signature to have its own filter and allows only a certain amount and type of work to be done on the form after that signature is affixed. Of course, each signature typically allows a diminishing set of additional work to be done leading up to the full completion of the form.
Unfortunately, due to drawbacks with existing filter mechanisms, a pair of tests called the User Interface Control (UIC) overlap test and the UIC layout test have been developed. These tests are augmentations to the core cryptographic sign and validate operations. Specifically, each UIC of the electronic document, or item, is associated with a rectangular bounding box corresponding to its draw area. The UIC overlap test for a signature determines whether any UIC that is signed by the signature overlaps the bounding box of any unsigned item. The UIC layout test has a similar purpose to the UIC overlap test, except that it seeks to prevent obscuring or un-obscuring of signed items by other signed items.
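The UIC overlap test described above can be illustrated with the following added example, which is not part of the original text. It assumes each item is modeled as a name plus an axis-aligned bounding box, that the exclusion filter is a set of item names, and that boxes sharing only an edge do not overlap; all item names and coordinates are constructed.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class UIC:
    """A user interface control and its draw-area bounding box (assumed model)."""
    name: str
    x: int
    y: int
    w: int
    h: int

def boxes_overlap(a: UIC, b: UIC) -> bool:
    """True when the two draw areas share interior area (edge contact is not overlap)."""
    return (a.x < b.x + b.w and b.x < a.x + a.w and
            a.y < b.y + b.h and b.y < a.y + a.h)

def partition(items, exclusion_filter):
    """Items named by the exclusion filter are unsigned; everything else is signed."""
    signed = [i for i in items if i.name not in exclusion_filter]
    unsigned = [i for i in items if i.name in exclusion_filter]
    return signed, unsigned

def uic_overlap_test(items, exclusion_filter):
    """Return (signed, unsigned) name pairs whose boxes overlap; empty list = pass."""
    signed, unsigned = partition(items, exclusion_filter)
    return [(s.name, u.name)
            for s in signed for u in unsigned if boxes_overlap(s, u)]

# Constructed sample: the signature's filter excludes only the notes field.
FILTER = {"reviewer_notes"}

FORM_AT_SIGNING = [
    UIC("reviewer_notes", 10, 10, 200, 40),   # unsigned, occupies y 10..50
    UIC("amount",         10, 60, 200, 20),   # signed, occupies y 60..80
    UIC("applicant_sig",  10, 90, 200, 30),   # signed, occupies y 90..120
]

# Same form after an allowed data change makes the notes control taller
# (y 10..80), so its draw area now covers the signed "amount" control.
FORM_AFTER_EDIT = [
    UIC("reviewer_notes", 10, 10, 200, 70),
    UIC("amount",         10, 60, 200, 20),
    UIC("applicant_sig",  10, 90, 200, 30),
]

if __name__ == "__main__":
    print("at signing:", uic_overlap_test(FORM_AT_SIGNING, FILTER))
    print("after edit:", uic_overlap_test(FORM_AFTER_EDIT, FILTER))
```

The cryptographic signature over the signed items would still validate after the edit, which is why the overlap check is run as a separate augmentation to validation.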
Current methods of partial document signing encourage partial document signatures that do not secure the entire presentation layer, because they equate exclusion of the markup of a UIC with exclusion of the data. This decreases security because additional user interface elements can be added directly to the presentation markup without invalidating a signature. Moreover, given a system in which exclusions are made only to data and the entire presentation layer markup is signed, changes to the actual presentation can still occur based on how allowable data changes are interpreted by the user interface definition. As a result, modifications (malicious or otherwise) to data can still cause undesired overlaps of user interface controls, whether through the creation or deletion of controls based on data changes or through changes in the size of controls due to data changes. In addition, the UIC overlap and layout tests are not defined for user interface definitions that contain hierarchic UICs.
In view of the foregoing, there exists a need for a solution that solves at least one of the deficiencies in the related art.